Attack detection for the realist

Posted on 6 July 2016

How to increase your chances of detecting the bad guys in your network

Attack detection isn’t easy. However, with the right people, technology and know-how, effective detection is possible. In this talk we will discuss both the theory and the practical means by which modern attackers can be, and have been, detected in real-world scenarios. We will demonstrate how the combination of endpoint threat detection, network security monitoring (NSM) and log analysis leaves no place for attackers to hide.

Key points to take away:
  • Understand why endpoint threat detection can combat attacks more effectively than NSM or logs alone

  • Understand which of your data sources could be more effectively utilised to spot anomalies, and how correlation and data enrichment can enhance this process

  • Identify real-life case studies and examples of using endpoint threat detection, NSM and log analysis to identify attacks